#58814 closed defect (bug) (fixed)
Intensionally inset general->timezone_string field wrong format makes error in 'Time Format' & 'Date Format'
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 6.4 | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Options, Meta APIs | Keywords: | has-screenshots has-patch has-unit-tests needs-testing has-testing-info commit |
| Focuses: | Cc: |
Description
How to reproduce
- Go to WP Admin/Settings->General.
- Open the browser console and find the
timezone_stringselect field's selected option. - Change the value that is not valid. For example,
0/test - Save the settings.
- Then I see the error in the
Time FormatandDate Formatfields.
I find this bug in the published version. Even with the trunk branch of wordpress-develop.
Change History (19)
#1
@
10 months ago
- Keywords close 2nd-opinion added; needs-privacy-review removed
- Severity changed from major to normal
- Version trunk deleted
This ticket was mentioned in PR #4853 on WordPress/wordpress-develop by @costdev.
10 months ago
#2
- Keywords has-patch has-unit-tests added
Previously, timezone values such as an empty string, 0 or an invalid timezone identifier were saved.
This produced a warning in PHP < 7.4, and a Fatal Error in PHP 8+.
This adds validation which resets invalid values to the previous value before saving, and displays an error message to the user.
Includes E2E tests.
#3
@
10 months ago
- Component changed from Administration to Options, Meta APIs
- Keywords close 2nd-opinion removed
- Milestone changed from Awaiting Review to 6.4
After discussing this ticket with @peterwilsoncc, it may be worth improving server side validation here anyway.
PR 4853 resets invalid values to the previous value, and displays an error message to the user. E2E tests are included.
- Milestoning for WordPress 6.4.
- Updating
ComponenttoOptions, Meta APIs.
This ticket was mentioned in Slack in #core by oglekler. View the logs.
8 months ago
This ticket was mentioned in Slack in #core-test by oglekler. View the logs.
8 months ago
#7
@
8 months ago
Test Report
Environment
OS: macOS m1
WordPress 6.4-alpha-56267-src
PHP 7.4.33
nginx/1.25.2
MySQL 5.7.43
Browser: Chrome 116.0.5845.140
Theme: Twenty Twenty-Tree
Active Plugins: No plugins activated.
Results
This patch works properly. Before applying the patch, it shows some errors and save successfully. After applying the patch, I am not seeing any errors but showing a warning message. It's good.
Before Applying Patch
After Applying Patch
#8
@
8 months ago
Test Report ❌
Patch tested: https://github.com/WordPress/wordpress-develop/pull/4853
Testing Environment:
- WordPress - 6.4-alpha-20230908.205513
- Web Server: Nginx
- Chrome Version - 116
- OS - macOS
- Theme: Twenty Twenty-Three
- PHP - 7.4.0
Test result:
The patch functions correctly when an invalid timezone is entered, such as a number (0), special characters ($#%@), or alphabetic characters (e.g., "Five:Thirty").
However, when a valid timezone is manually inputted, it results in errors. This needs attention and rectification.
Steps to Reproduce:
- Choose a timezone from the dropdown options, e.g., "UTC+0."
- Save the selected timezone setting.
- Inspect the element and select the value that was chosen, e.g.,
<option selected="selected" value="UTC+0">UTC+0</option>.
- Modify the value to
<option selected="selected" value="0">0</option>.
- Save the setting. Observe that an error message appears in the header as expected.
- Choose the selected value again and input a valid timezone format like 'UTC+8:30' e.g.,
<option selected="selected" value="UTC+8:30">UTC+8:30</option>.
- Save the setting again.
- Notice the PHP warnings displayed.
Issue Demonstration Video: https://www.loom.com/share/9c4f5c7db3874bc08fa4629f64c99ca5
Screenshot:
When using Valid Timezone:
When adding Invalid TimeZone
#9
@
7 months ago
I was unable to reproduce the issue from the last report 🤔 For me, the patch is working as expected.
#10
@
7 months ago
Retested the patch again and still able to replicate the issue mentioned in the comment https://core.trac.wordpress.org/ticket/58814#comment:8
#12
@
7 months ago
@nicolefurlan Sure! The failing test is the E2E Test timeout failure we've been having trouble with in Core for a while now. The failure isn't caused by the code in the PR. 🙂
#13
@
7 months ago
Wonderful! With the other two passing test reports, do we think this fix is ready for commit?
#15
@
7 months ago
- Keywords commit added
I've added commit but of course, if that doesn't seem right, please feel free to remove it :) (cc @costdev)
This ticket was mentioned in Slack in #core by oglekler. View the logs.
7 months ago
#17
@
7 months ago
This ticket was discussed in today's bug scrub.
@costdev agrees that this is ready for commit.
I addressed Peter's feedback and was going to wait for him to approve it during his day as a courtesy.
cc @peterwilsoncc :)
#18
@
7 months ago
- Owner set to peterwilsoncc
- Resolution set to fixed
- Status changed from new to closed
In 56949:
Hi @mrinal013, thanks for opening this ticket!
I'm not seeing how these values could be invalid without intentionally modifying them to be. The values are hardcoded with a prefix of UTC and + or -. Anyone using DevTools or JavaScript to modify these values should look at how the existing values are formatted before setting their own.
If WordPress Core provided a filter for these timezone choices and lacked adequate validation, this would be a Core bug. However, this appears to be a warning created through intent, rather than a bug.
needs-privacy-reviewas this doesn't relate to privacy.closeand2nd-opinionto gather additional thoughts.Severitytonormal.Versionas the initial report states that this can be reproduced in earlier versions.